package com.hrm.filters;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.alibaba.fastjson.JSON;
import com.hrm.domain.User;

/*
 * 登录过滤器,防止通过url直接进入
 */
@WebFilter(urlPatterns = { "/main.action", "/userInfo", "/modifyPWD", "/deptInfo", "/jobInfo", "/employeeInfo",
		"/noticeInfo", "/documentInfo" })
@SuppressWarnings("all") // 使用注解抑制警告信息
public class LoginFilter implements Filter {

	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
			throws IOException, ServletException {
		HttpServletRequest req = (HttpServletRequest) request;
		HttpServletResponse resp = (HttpServletResponse) response;
		// 获取cookie
		Cookie[] cookies = req.getCookies();
		// 判断是否存在免登录cookie
		int flag = 0;
		for (Cookie cookie : cookies) {
			if ("lname".equals(cookie.getName())) { // 说明勾选了免登录
				flag = 1;
			}
		}
		String url = req.getRequestURI(); // 获取跳转路径
		// 进行截取并判断
		String operator = url.substring(url.lastIndexOf("/") + 1);
		User user = JSON.parseObject((String) req.getSession().getAttribute("user"), User.class);
		// 防止Session过期,如果获取不到user就再走一遍登录
		try {
			user.getuName();
		} catch (Exception e) {
			resp.sendRedirect("login.jsp");
			return;
		}
		if ((req.getSession().getAttribute("user") != null && req.getSession().getAttribute("uName") != null)
				|| flag == 1) { // 说明登录过或者勾选了免登录,可以放行
			// 分流
			if ("main.action".equals(operator)) {
				req.getRequestDispatcher("/WEB-INF/common/main.jsp").forward(req, resp);
				return;
			} else if ("userInfo".equals(operator)) {
				if ("超级管理员".equals(user.getuName())) { // 用户分流
					req.getRequestDispatcher("/WEB-INF/user/ruser.jsp").forward(req, resp);
					return;
				} else {
					req.getRequestDispatcher("/WEB-INF/user/user.jsp").forward(req, resp);
					return;
				}
			} else if ("modifyPWD".equals(operator)) { // 修改密码
				req.getRequestDispatcher("/WEB-INF/common/modifyPWD.jsp").forward(req, resp);
				return;
			} else if ("deptInfo".equals(operator)) { // 部门管理
				req.getRequestDispatcher("/WEB-INF/dept/dept.jsp").forward(req, resp);
				return;
			} else if ("jobInfo".equals(operator)) { // 职位管理
				req.getRequestDispatcher("/WEB-INF/job/job.jsp").forward(req, resp);
				return;
			} else if ("employeeInfo".equals(operator)) { // 员工管理
				req.getRequestDispatcher("/WEB-INF/employee/employee.jsp").forward(req, resp);
				return;
			} else if ("noticeInfo".equals(operator)) { // 公告管理
				req.getRequestDispatcher("/WEB-INF/notice/notice.jsp").forward(req, resp);
				return;
			} else if ("documentInfo".equals(operator)) { // 下载中心
				req.getRequestDispatcher("/WEB-INF/document/document.jsp").forward(req, resp);
				return;
			}
		} else if (req.getSession().getAttribute("user") == null) { // 说明没有登录记录
			resp.sendRedirect(req.getContextPath() + "/WEB-INF/error/404.jsp");
			return;
		} else {
			// 放行
			chain.doFilter(request, response);
		}

	}

}
